Use both, in the form of a passphrase-protected key. Otherwise, somebody could log in from one of your systems to others without even needing a keylogger. Two-factor authentication (something you have plus something you know) is becoming a minimum, and three-factor (add something you are) deserves serious consideration in all but the least secure situations.

(Yes, I know “something you have” usually refers to something physical.)

Good clarification. I agree, passphrase-protected keys. Unfortunately, keyloggers abound, and stealing typed data is becoming easier under Windows systems. I’ve been thinking of three-factor for a while.

We have a few other things we can do to set up systems that generally make it very hard to compromise, but they limit utility as a server. I need to look at them and see if we can make these more palatable.

I wasn’t able to definitively establish the attack entry mechanism, only the entry point. I know ssh isn’t the Windows way. Then again, running everything as an administrative user is the Windows way. Look at how well this helped 🙁